Which user authentication method

第1题：

第2题：

Which two statements are correct about the aaa authentication login default grouptacacs+ localglobal configuration command？ （）

• A、 this login authenticationmethod list is automaticallyapplied to all lines except those that have a named method list explicitly defined
• B、 If the user fails the TACACS+ authentication then the local database on the router will be used to authenticatethe user
• C、 if the tacacs+ server fails to respond then the local database on the router will be used to authenticate the user 
• D、 "login" is the name of the method list being configured
• E、 if the tacacs+ server is unavailable， authentication will succeed automaticallyby default

第3题：

第4题：

Which two statements are true regarding firewall user authentication?（） (Choose two.)

• A、When configured for pass-through firewall user authentication, the user must first open a connection to the Junos security remote network resource.
• B、When configured for Web firewall user authentication only, the user must first open a connection to the Junos security remote network resource.
• C、If a Junos security device is configured for pass-through firewall user authentication, new sessions are automatically intercepted .
• D、If a Junos security device is configured for Web firewall user authentication, new sessions are automatically intercepted.

第5题：

Which two statements about the open and shared key wireless-authentication methods are true？ （）

• A、 Shared key authentication is considered more secure than open authentication.
• B、 Shared key authentication is considered less secure than open authentication.
• C、 If the WEP keys do not match using the open authentication method， the client will not authenticate， associate， and transfer data.
• D、 If the WEP keys do not match using the open authentication method， the client will still be able to authenticate and associate， but will not transfer data.
• E、 If the WEP keys do not match using the open authentication method， the client will still be able to authenticate， associate， and transfer data.

第6题：

Which information is contained in a AAA authentication method list?（）

• A、A pointer to the address where a RADIUS server can be located
• B、A sequential list of user authentication methods
• C、A description of what a user can execute on a router
• D、The setup for the authentication phase on a router

第7题：

Which of the following statements about authentication responses and conditions is true? （）(Choosetwo.)

• A、When a router receives a failure response, it stops querying authentication methods.
• B、When a router receives an error response, it stops querying authentication methods.
• C、If the router receives a failure response from an authentication method, it queries the next method.
• D、The router does not differentiate between failure and error responses; the authentication process is always interrupted.
• E、If it receives no response from the authentication method, a router will determine the error condition On its own; the router also has the option to proceed to the next method in a list if configured accordingly.

第8题：

第9题：

What is not a difference between VPN tunnel authentication and per-user authentication?（）

• A、VPN tunnel authentication is part of the IKE specification. 
• B、VPN tunnel authentication does not control which end user can use the IPSec SA (VPN tunnel).
• C、User authentication is used to control access for a specific user ID, and can be used with or without a VPN tunnel for network access authorization. 
• D、802.1X with EAP-TLS (X.509 certificates) can be used to authenticate an IPSec tunnel.

第10题：

Which statement describes the Authentication Proxy feature？（）

• A、All traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.
• B、A specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.
• C、Prior to responding to a proxy ARP，the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.
• D、The proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.